Invoices in the email may also be leaked and monitored, national security agencies warn.

The National Security Department has issued a security advisory article. During the busy year-end and beginning of the year, when people are rushing to settle accounts and handle finances, overseas attackers take advantage of the time when settlements are being finalized. They disguise themselves as telecommunications operators, e-commerce platforms, or customer service from tourism platforms, using "recipient's name + electronic invoice" as the subject to construct phishing emails. The email text will specifically emphasize phrases such as "invalid if overdue" or "invoice errors, need to be reissued" to create a sense of urgency and lower vigilance. After all, in the subconscious of many people, "how much harm can a single invoice do?" However, the real trap is hidden in the attachment or link - what appears to be a normal invoice file is actually a carefully disguised Trojan program by overseas hacker groups.